<?php
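// Bind this controller to the application's named session.
// The name is passed as a quoted string: the bare word DicomScience is an
// undefined constant, which older PHP versions only tolerate with a notice
// (falling back to the same string) and PHP 8 rejects with a fatal Error.
session_name('DicomScience');
session_start();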

/*
 * The writeBlog.php controller listens for the HTTP POST options author and message. The data is
 * stored in the database. No object is returned. Usually, a refresh of the message list is
 * appropriate.
 */ 
 
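// Getting global settings
require_once('../includes/gset.php');

// Defining response language.
// Read the session value defensively: a request without an established
// session has no 'lang' key, and reading it directly raises an
// undefined-index notice.
$session_language = isset($_SESSION['lang']) ? $_SESSION['lang'] : "";
if ($session_language == "") {

	// Assuming the controller has not been triggered by a PHP session:
	// fall back to $lang, which is not assigned in this file
	// (presumably set by gset.php - TODO confirm).
	// The include paths are fixed literals selected by a numeric code, so no
	// request-supplied value ever becomes part of a file path.
	switch (isset($lang) ? $lang : null) {
		case 1:
			require_once ('../includes/language/german.php');
			break;

		case 2:
			require_once ('../includes/language/english.php');
			break;

		case 3:
			require_once ('../includes/language/french.php');
			break;
	}

}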

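/*
 * Store a new blog message for an existing staff member and answer with a
 * small XML status document (<newBlog> on success, <newBlogStatus> on error).
 *
 * Request fields read from $_POST: userid, author, text.
 *
 * NOTE(review): the staff id is taken from the request body and only checked
 * for existence in the staff table. Nothing in this file ties it to the
 * logged-in session user or verifies a CSRF token, so any caller that knows a
 * valid id can post under it. Confirm what the session stores and bind the
 * author to it.
 *
 * NOTE(review): the mysql_* extension used here is deprecated and was removed
 * in PHP 7. Moving to prepared statements (mysqli/PDO) requires changing
 * connect.php, which is not visible from this file; until then every
 * request value is escaped before it enters a query string.
 */
$blogdate = time();

// Accept only plain string fields; a missing or array-valued field is treated
// as empty so it can neither raise notices nor reach the SQL text as "Array".
$newMsgUsrId = (isset($_POST['userid']) && is_string($_POST['userid'])) ? $_POST['userid'] : '';
$newMsgAuthor = isset($_POST['author']) ? $_POST['author'] : null; // read but not used in this file
$newMsgText = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';

require('../includes/database/connect.php');

// Look up the staff record. $usrid stays null unless a row is found, so an
// empty or unknown id can never compare equal to "nothing" and slip through.
$usrid = null;
if ($newMsgUsrId !== '') {

	// mysql_real_escape_string() uses the connection opened by connect.php.
	// NOTE(review): it is only charset-safe when the connection charset was
	// set with mysql_set_charset() - confirm in connect.php.
	$sql_checkUserid = "SELECT id_staff, username, firstname, lastname from staff WHERE id_staff = '"
		. mysql_real_escape_string($newMsgUsrId) . "'";
	$checkUserid = mysql_query($sql_checkUserid);

	// A failed query returns false; do not try to fetch from it.
	if ($checkUserid !== false) {
		while ($id = mysql_fetch_object($checkUserid)) {

			$usrid = $id->id_staff;

		}
	}

}

// Insert only when the database returned exactly the id that was posted.
// The comparison is strict on the string form, and the INSERT uses the id as
// stored in the staff table rather than the raw request value.
$injectMessage = false;
if ($usrid !== null && (string) $usrid === $newMsgUsrId) {

	$sql_injectMessage = "INSERT INTO blog SET id_staff = '" . mysql_real_escape_string((string) $usrid)
		. "', blogdate = " . (int) $blogdate
		. ", message = '" . mysql_real_escape_string($newMsgText) . "'";
	$injectMessage = mysql_query($sql_injectMessage);

}

header("Content-type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>";

// Report success only if the INSERT itself succeeded; a rejected id or a
// failed write both produce the error document.
if ($injectMessage) {
	echo "<newBlog>";
		echo "<status>";
		echo "success";
		echo "</status>";
	echo "</newBlog>";
} else {
	echo "<newBlogStatus>";
		echo "<status>";
		echo "error";
		echo "</status>";
	echo "</newBlogStatus>";
}

require('../includes/database/closedb.php');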

